Stack-based buffer overflow vulnerability in SDoP products
CVE-2024-41881

Currently unrated

Key Information:

Vendor: Philip Hazel
Status: Sdop
Vendor: CVE Published:; 29 July 2024

Summary

SDoP versions prior to 1.11 fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked to process a specially crafted XML file, arbitrary code may be executed on the user's environment.

Affected Version(s)

SDoP prior to 1.11

References

https://github.com/PhilipHazel/SDoP

https://github.com/PhilipHazel/SDoP/commit/ff83d851b4b39f...

https://jvn.jp/en/jp/JVN16420523/

Timeline

Vulnerability published
Jul 29, 2024
Vulnerability Reserved
Jul 22, 2024